Spotify breached – but just one mystery user is hacked

Music streaming service Spotify has urged its Android users to upgrade to a new version of the app after “unauthorized access to our systems and internal company data” – according to a message on the company’s official blog.

Oddly, though, as The Verge reports, only one user was targeted in the Spotify hack. The company said, “Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial or payment information. We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident.”

Spotify aims to put a series of security measures in place “over the next few days”. Android users will be prompted to re-enter their username and password to log in, according to TechCrunch.

Pocket-Lint noted that the site provided no detail on the reported breach, except to say, “We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.

As an extra safety step, we are going to guide Android app users to upgrade over the next few days. If Spotify prompts you for an upgrade, please follow the instructions.”

The company also said that it recommended that users install the app from the official Google Play store rather than third party stores. It said that users on iOS and Windows Phone are unaffected.

Despite the Spotify hack being among the smallest data breaches ever – in comparison, for instance, to eBay’s recent breach, which may affect millions, TechCrunch commented that the company was taking the right approach.

Following widespread security breaches as eBay, Target and the like, companies are wise to err on the side of transparency and take broad steps to ensure its user’s information is safe. The days are long gone of sweeping potentially harmful situations under the rug.